commit apache2-mod_auth_openidc for openSUSE:Factory

Source-Sync Tue, 17 Aug 2021 23:57:23 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package apache2-mod_auth_openidc for 
openSUSE:Factory checked in at 2021-08-18 08:55:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2-mod_auth_openidc (Old)
 and      /work/SRC/openSUSE:Factory/.apache2-mod_auth_openidc.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "apache2-mod_auth_openidc"

Wed Aug 18 08:55:49 2021 rev:20 rq:912383 version:2.4.9.1

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/apache2-mod_auth_openidc/apache2-mod_auth_openidc.changes
        2021-07-23 23:41:43.913791464 +0200
+++ 
/work/SRC/openSUSE:Factory/.apache2-mod_auth_openidc.new.1899/apache2-mod_auth_openidc.changes
      2021-08-18 08:56:36.138926198 +0200
@@ -1,0 +2,6 @@
+Fri Aug 13 17:57:57 UTC 2021 - Michael Str??der <[email protected]>
+
+- update to 2.4.9.1
+  fix retried Redis commands after a reconnect; see #642
+
+-------------------------------------------------------------------

Old:
----
  mod_auth_openidc-2.4.9.tar.gz

New:
----
  mod_auth_openidc-2.4.9.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ apache2-mod_auth_openidc.spec ++++++
--- /var/tmp/diff_new_pack.Jv7C51/_old  2021-08-18 08:56:36.598925657 +0200
+++ /var/tmp/diff_new_pack.Jv7C51/_new  2021-08-18 08:56:36.602925653 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           apache2-mod_auth_openidc
-Version:        2.4.9
+Version:        2.4.9.1
 Release:        0
 Summary:        Apache2.x module for an OpenID Connect enabled Identity 
Provider
 License:        Apache-2.0

++++++ mod_auth_openidc-2.4.9.tar.gz -> mod_auth_openidc-2.4.9.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9/ChangeLog 
new/mod_auth_openidc-2.4.9.1/ChangeLog
--- old/mod_auth_openidc-2.4.9/ChangeLog        2021-07-22 18:30:21.000000000 
+0200
+++ new/mod_auth_openidc-2.4.9.1/ChangeLog      2021-08-13 10:42:48.000000000 
+0200
@@ -1,7 +1,12 @@
+08/13/2021
+- fix retried Redis commands after a reconnect; thanks @iainh
+- release 2.4.9.1
+
 07/22/2021
 - use redisvCommand to avoid crash with crafted key when using Redis without 
encryption; thanks @thomas-chauchefoin-sonarsource
 - replace potentially harmful backslashes with forward slashes when validating 
redirection URLs; thanks @thomas-chauchefoin-sonarsource
 - release 2.4.9
+- don't use DEFAULT_LIMIT_REQUEST_LINE constant; since it does not exist in 
Apache 2.2.x
 
 07/15/2021
 - verify that "alg" is not none in logout_token explicitly
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9/auth_openidc.conf 
new/mod_auth_openidc-2.4.9.1/auth_openidc.conf
--- old/mod_auth_openidc-2.4.9/auth_openidc.conf        2021-07-22 
18:30:00.000000000 +0200
+++ new/mod_auth_openidc-2.4.9.1/auth_openidc.conf      2021-08-09 
17:20:32.000000000 +0200
@@ -886,6 +886,8 @@
 #   timeout (int)              : the session inactivity timeout (Unix 
timestamp in seconds)
 #   remote_user (string)       : the remote user name
 #   session (object)           : (for debugging) mod_auth_openidc specific 
session data such as "remote user", "session expiry", "session id" and a 
"state" object
+# Note that when using ProxyPass / you may have to add a proxy exception for 
the Redirect URI 
+# for this to work, e.g. ProxyPass /redirect_uri !
 # When not defined the session hook will not return any data but a HTTP 404
 #OIDCInfoHook 
[iat|access_token|access_token_expires|id_token|userinfo|refresh_token|exp|timeout|remote_user|session]+
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9/configure 
new/mod_auth_openidc-2.4.9.1/configure
--- old/mod_auth_openidc-2.4.9/configure        2021-07-22 18:41:17.000000000 
+0200
+++ new/mod_auth_openidc-2.4.9.1/configure      2021-08-13 10:44:07.000000000 
+0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.71 for mod_auth_openidc 2.4.9.
+# Generated by GNU Autoconf 2.71 for mod_auth_openidc 2.4.9.1.
 #
 # Report bugs to <[email protected]>.
 #
@@ -610,8 +610,8 @@
 # Identity of this package.
 PACKAGE_NAME='mod_auth_openidc'
 PACKAGE_TARNAME='mod_auth_openidc'
-PACKAGE_VERSION='2.4.9'
-PACKAGE_STRING='mod_auth_openidc 2.4.9'
+PACKAGE_VERSION='2.4.9.1'
+PACKAGE_STRING='mod_auth_openidc 2.4.9.1'
 PACKAGE_BUGREPORT='[email protected]'
 PACKAGE_URL=''
 
@@ -1301,7 +1301,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures mod_auth_openidc 2.4.9 to adapt to many kinds of 
systems.
+\`configure' configures mod_auth_openidc 2.4.9.1 to adapt to many kinds of 
systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1364,7 +1364,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of mod_auth_openidc 2.4.9:";;
+     short | recursive ) echo "Configuration of mod_auth_openidc 2.4.9.1:";;
    esac
   cat <<\_ACEOF
 
@@ -1478,7 +1478,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-mod_auth_openidc configure 2.4.9
+mod_auth_openidc configure 2.4.9.1
 generated by GNU Autoconf 2.71
 
 Copyright (C) 2021 Free Software Foundation, Inc.
@@ -1634,7 +1634,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by mod_auth_openidc $as_me 2.4.9, which was
+It was created by mod_auth_openidc $as_me 2.4.9.1, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -2292,7 +2292,7 @@
 
 
 
-NAMEVER=mod_auth_openidc-2.4.9
+NAMEVER=mod_auth_openidc-2.4.9.1
 
 
 # This section defines the --with-apxs2 option.
@@ -4952,7 +4952,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by mod_auth_openidc $as_me 2.4.9, which was
+This file was extended by mod_auth_openidc $as_me 2.4.9.1, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -5007,7 +5007,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-mod_auth_openidc config.status 2.4.9
+mod_auth_openidc config.status 2.4.9.1
 configured by $0, generated by GNU Autoconf 2.71,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9/configure.ac 
new/mod_auth_openidc-2.4.9.1/configure.ac
--- old/mod_auth_openidc-2.4.9/configure.ac     2021-07-22 18:30:33.000000000 
+0200
+++ new/mod_auth_openidc-2.4.9.1/configure.ac   2021-08-13 10:43:03.000000000 
+0200
@@ -1,4 +1,4 @@
-AC_INIT([mod_auth_openidc],[2.4.9],[[email protected]])
+AC_INIT([mod_auth_openidc],[2.4.9.1],[[email protected]])
 
 AC_SUBST(NAMEVER, AC_PACKAGE_TARNAME()-AC_PACKAGE_VERSION())
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9/src/cache/redis.c 
new/mod_auth_openidc-2.4.9.1/src/cache/redis.c
--- old/mod_auth_openidc-2.4.9/src/cache/redis.c        2021-07-22 
18:30:06.000000000 +0200
+++ new/mod_auth_openidc-2.4.9.1/src/cache/redis.c      2021-08-13 
10:41:38.000000000 +0200
@@ -270,7 +270,6 @@
        redisReply *reply = NULL;
        int i = 0;
        va_list ap;
-       va_start(ap, format);
 
        /* try to execute a command at max 2 times while reconnecting */
        for (i = 0; i < OIDC_REDIS_MAX_TRIES; i++) {
@@ -279,8 +278,10 @@
                if (oidc_cache_redis_connect(r, context) != APR_SUCCESS)
                        break;
 
+               va_start(ap, format);
                /* execute the actual command */
                reply = redisvCommand(context->ctx, format, ap);
+               va_end(ap);
 
                /* check for errors, need to return error replies for cache 
miss case REDIS_REPLY_NIL */
                if ((reply != NULL) && (reply->type != REDIS_REPLY_ERROR))
@@ -300,8 +301,6 @@
                oidc_cache_redis_free(context);
        }
 
-       va_end(ap);
-
        return reply;
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/mod_auth_openidc-2.4.9/src/mod_auth_openidc.c 
new/mod_auth_openidc-2.4.9.1/src/mod_auth_openidc.c
--- old/mod_auth_openidc-2.4.9/src/mod_auth_openidc.c   2021-07-22 
18:30:06.000000000 +0200
+++ new/mod_auth_openidc-2.4.9.1/src/mod_auth_openidc.c 2021-07-23 
18:59:33.000000000 +0200
@@ -2920,7 +2920,7 @@
        return rc;
 }
 
-#define OIDC_MAX_URL_LENGTH DEFAULT_LIMIT_REQUEST_LINE * 2
+#define OIDC_MAX_URL_LENGTH 8192 * 2
 
 static apr_byte_t oidc_validate_redirect_url(request_rec *r, oidc_cfg *c,
                const char *redirect_to_url, apr_byte_t restrict_to_host, char 
**err_str,

commit apache2-mod_auth_openidc for openSUSE:Factory

Reply via email to